[Lxc-users] Ubuntu template questions

Papp Tamas tompos at martos.bme.hu
Wed Mar 28 09:06:44 UTC 2012 

On 03/13/2012 08:02 PM, Serge Hallyn wrote:

I'm sorry for the late answer.

> Hm, perhaps /etc/network/if-up.d/ntpdate should be updated to not run
> in a container.
>
> It also might be worth removing CAP_SYS_TIME from the container's
> rights.

Yes, that's true.

> You mean to run after the container has been created? That'd be a nice 
> features, yes. Stéphane has also suggested pre- and post-start scripts 
> for container start/stop. 

Yes, exactly. Right now there is a lot of hardcoded option (eg. ubuntu 
user, network setup.. etc.)

> 4. I always wanted to ask, why lxc-create command has a switch '-n' if
> it defined in the configuration anyway?
> Hmm?  I never put the hostname in my configuration manually.

lxc configuration contains lxc.utsname = NAME.
Than it's needed to setup the container with lxc-create -n NAME -f config

> Well, these templates are used by people doing juju, openstack, and 
> launchpad/buildd stuff. Yes we've never really discussed how we should 
> go about deciding good defaults. We probably should. 

If there is an pre/post script solution, it's getting not so important.

>> 6. How can I deploy it to a custom directory? With the switch '-B' I was
>> not successful. Anyway, many times I just want to create a container
>> with no individual partition (volume). Now I copied it from /var/lib/lxc.
> Not sure what you mean.  -B only really supports lvm right now.  It should
> be made to support loopback qemu-nbd images.
>
> In the lxc server guide (a rough draft is at
> https://code.launchpad.net/~serge-hallyn/serverguide/serverguide-lxc
> with a rougher but pdf draft at
> http://people.canonical.com/~serge/lxc.serverguide.pdf)
> I strongly recommend against picking custom locations.  Rather, if you
> need more space, symlink or bind-mount in another filesystem to
> /var/lib/lxc and /var/cache/lxc.

Why

>
>> 7. Why does lxc-destroy remove the container files without asking about
>> it? I think is a bad idea.
> <shrug>   it's what it's always done.  I personally like it - I prefer
> limiting interaction.  We could add a --del-rootfs option, without which
> it only deletes the config, but I don't really see the point.

I think it's not (only) about rootfs but the full configuration (fstab, 
config etc.)

>> 8. The script creates some custom upstart config file:
>> lxc.conf: Why don't use lxcguest package?
> lxc.conf is installed with lxc, to be installed on the host.  It's what
> starts your /etc/lxc/auto/ containers.

I mean in the container, If I'm not wrong. I wrote this email a long 
time ago.

>> ssh.conf: why is this necessary?
>> console.conf: It should be in the package upstart as tty[0-6].conf or in
>> lxcguest package, isn't it?
> Here you need to be specific about what containers you created, with what
> options.  If you're creating a precise container on precise host, ssh.conf
> won't exist and console.conf is shipped by upstart, just as you say.

Great.

>> 9. The script just removes config files instead of using dpkg-divert:
>> rm -f $rootfs/etc/init/tty{5,6}.conf
>>
>> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv
>> $f $f.orig; done'
>> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf);
>> do mv $f $f.orig; done'
>> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> plymouth*.conf); do mv $f $f.orig; done'
>> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf);
>> do mv $f $f.orig; done'
>> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf);
>> do mv $f $f.orig; done'
>>
>>
>> Why?
> In general I think trim'ed containers are considered non-upgradeable
> anyway, but if dpkg-divert can be easily used to improve things, that
> might be a good idea.  Would you be interested in writing some patches
> to that effect?

OK, checked the script and now yes, it obviously belongs only to the 
trimmed containers so it's OK. However dpkg-divert still looks better;)

>> 10.
>> if [ $release != "lucid" ]; then
>>       sed -i 's/^.*emission handled.*$/echo Emitting lo/'
>> $rootfs/etc/network/if-up.d/upstart
>> fi
>>           * Would not be better if there is an lxclo.conf from lxcguest?
>> Than you don't need to worry about package updates.
> Yes, but this is a trimmed container.  Trim means manually slice and
> dice the system so you don't need lxcguest.
>
> If you don't do --trim, then this won't be done, and lxcguest will be
> installed instead.

OK, clear now.

> Thanks, sorry for taking so long to respond. -serge 

The same from here:)


Thank you,
tamas

More information about the lxc-users mailing list